97% of survey respondents still unaware of crucial container security principles

Aqua Security has released the results of its 2021 Cloud Native Security Survey revealing the knowledge gap around runtime security and the associated risks. The study found that only 3% of respondents recognise that a container, in and of itself, is not a security boundary, indicating that the default security capabilities of containers are overestimated. This result is especially alarming in conjunction with the fact that only 24% of respondents have plans in place to deploy the necessary building blocks for runtime security.

  • 2 years ago Posted in

"The results of the survey showcase a staggering knowledge gap that leads to an underinvestment in a critical part of full lifecycle, end-to-end security for cloud native applications,” said Amir Jerbi, cofounder and CTO at Aqua. “When practitioners fail to implement a holistic approach with protecting their workloads at runtime, they are opening up their environments to attackers, since even the most complete ‘shift left’ vulnerability and malware detection cannot prevent zero-day attacks and administrator errors.”

The report demonstrates the difficulty and complexity of understanding key cloud native security risks, along with how to counteract them. Despite recent reports showing the increased sophistication of cloud native attacks, only 18% of respondents realise they are at risk for zero days in containerized environments.

Confidence vs. Reality

While 32% of respondents were confident in overall holistic runtime security protection, detailed questions revealed that less than 23% of respondents in fact had the necessary building blocks of runtime security in place.

Supply Chain Risks

A knowledge gap around workload protection has led to a striking number of practitioners who believe they are protected from supply chain attacks in production, but in fact are not. While 73% believed that they could stop software supply chain attacks evading static analysis, there was an apparent misconception about the role of runtime security in achieving this protection.

“There is a concerning overconfidence in the perceived ability to prevent supply chain attacks. The reality is that runtime security is essential because sophisticated supply chain attacks evade static analysis. We see unnamed attackers use legitimate vanilla images to download malicious elements at runtime, Kinsing malware that only downloads in runtime, and attackers like Team TNT who hide their malicious communications attacking our honeypots on daily basis,” said Jerbi.

Increasing Container Threats

In a recent threat report, Aqua found that attackers are becoming more proficient at hiding their methods and evading static scanning, while threats to container based environments have become more dangerous and more varied. Over a six-month period, Aqua observed honeypots being attacked 17,358 times, representing a 26% increase from just six months previously. The increasing volume of attacks demonstrates the importance of implementing holistic cloud native security, including runtime protection, in order to protect against attackers who have evaded detection and have access to the production environment.

"Holistic cloud native security should be every practitioner’s goal. It is not just about runtime security or any other one focus area. It is about ensuring the entire application life cycle is covered, from the build to the infrastructure and the workloads,” said Jerbi.

Research shows ‘game needs to be changed,’ with security innovation years behind that of the...
73% of organizations lack automated patch management, and 62% experienced incidents involving...
Quest Software has signed a definitive agreement with Clearlake Capital Group, L.P. (together with...
Dell EMC PowerProtect Cyber Recovery for AWS provides a fast, easy-to-deploy public cloud vault to...
Aqua’s cloud native application protection platform becomes the only solution that protects cloud...
54% of organisations working on a security transformation project now or in the next 12 months.
Node4 has released its Mid-Market IT Priorities Report 2021. The independent report reveals that...
Zscaler Zero Trust exchange cloud-based architecture enables superior green security capabilities...